Hi (fwd)

Matthew Sullivan matthew at sorbs.net
Thu Mar 18 22:06:45 UTC 2004


william(at)elan.net wrote:

>FYI - if you're on a Windows machine DON'T TRY TO FOLLOW THE URL in that post
>
>Somebody sent me a copy of the content and it's VBScript that downloads an
>image, converts it into an executable and then probably uses some bug in
>microshit products to have it executed. I'm not that good with Windows
>scripting, so whoever of the security people here wants to see it further, if
>you cannot get it yourself, let me know. It's possible this may be a
>zombie-making virus using NANOG to replicate (somebody's sick joke), but
>possibly it's more general with other lists too. Spammers and virus writers
>joined together are getting nastier and nastier.
>  
>

It's another variant of Bagle...

My analysis of it is at: http://www.au.sorbs.net/virus.explain.txt -
since then Symantec has released its more detailed explanation under
the headings for Bagle.r and Bagle.s

/ Mat



